homehome Home chatchat Notifications


Special malware hit Ukraine just before the Russian invasion. Microsoft identified and mitigated it in 3 hours

War is no longer offline-only

Fermin Koop
March 2, 2022 @ 7:58 pm

share Share

As tanks hit Ukraine, so did malware. Microsoft disclosed that it detected a round of offensive and destructive cyberattacks targeting Ukraine’s digital infrastructure. The malware package, which the company named FoxBlade, was launched only hours before Russia launched its first missile attacks last week. The malware could also affect computers outside of Ukraine.

Image credit: Pixabay.

The malware package had never been seen before, Microsoft’s Threat Intelligence Center (MSTIC) said, noting that it added new signatures to its anti-malware service to detect FoxBlade in just three hours of the discovery. Specifics of the malware aren’t known, but Microsoft said it can use your PC for distributed denial-of-service attacks.

Microsoft President and Vice-Chair Brad Smith said in a blog post that the company’s “principal and global responsibility” is to help governments and countries to defend themselves from cyberattacks. This role was highlighted last week in Ukraine, he added, as the government, as well as organizations and individuals, were under attack.

“In recent days, we have provided threat intelligence and defensive suggestions to Ukrainian officials regarding attacks on a range of targets, including Ukrainian military institutions and manufacturers and several other Ukrainian government agencies.,” Smith said. “These recent and ongoing cyberattacks have been precisely targeted.”

Smith said Microsoft is “especially concerned” about cyberattacks on Ukrainian civilian digital targets, such as emergency response services, enterprises, the agriculture sector, and the financial sector. The tech giant also detected cyber efforts to steal a wide range of sensitive data sets, including insurance, health, and transportation-related information.

The company is also sharing information with US officials in Washington and NATO officials in Europe, building on their work to address cyber activity against Ukrainian targets. Smith said they will continue to “constantly update” all of Microsoft’s services, including their Defender service, to protect against any potential spread of malware.

Beyond malware, Microsoft is also working to tackle “state-sponsored disinformation” by removing content from Russian state media such as Russia Today (RT) and Sputnik from MSN.com and other Microsoft services like the Widgets menu. The company has removed RT’s apps from the Windows Store, and RT content is being deprioritized in Bing searches.

“The past few days have seen kinetic warfare accompanied with a well-orchestrated battle ongoing in the information ecosystem where the ammunition is disinformation, undermining truth and sowing seeds of discord and distrust. This requires decisive efforts across the tech sector as well as with governments, academia, and civil society,” Smith wrote.

Building on previous work

The malware attack didn’t catch Microsoft off guard, as the tech giant has been working hard over the past few years on increasing the security features of Windows PCs. In 2019, for example, it launched the “secured-core PC” initiative, focused on guarding against firmware-level attacks – relatively uncommon but very nasty when they happen.

But the list goes on. The system requirements of Window’s 11 mandate support for several supported-but-optional security features from Windows 10. Microsoft said it implemented these requirements because of the NotPetya data-wiping malware, which targeted hundreds of companies and hospitals worldwide in 2017 – including Ukraine’s power grid.

“As we look to the future, it’s apparent that digital technology will play a vital role in war and peace alike. Like so many others, we call for the restoration of peace, respect for Ukraine’s sovereignty, and the protection of its people. We not only look toward but will work for a future where digital technology is used to protect countries and peoples,” Smith wrote.

For people around the world, the best thing to do is update your Windows (if you use it) to make sure you benefit from the added protection. With cyber warfare being more common than ever, your devices have never been as vulnerable. Stay safe.

share Share

A Simple Heat Hack Could Revolutionize How We Produce Yogurt

In principle, the method could be deployed tomorrow, researchers say.

Scientists Create a ‘Smart Sponge’ That Knows When to Heal and When to Fight Inflammation

This hydrogel could help millions of people lead a better life.

The Race to the Bottom: Japan Is Set to Start Testing Deep-Sea Mining

There's a big hidden cost to this practice.

Japan Just Smashed the Internet Speed World Record and It's Much Faster Than You Think

Researchers transmitted 127,500 GB every second — over the distance from Chicago to Dallas.

Can You Tell Which Knot Is Strongest? Most People Fail This Surprisingly Tough Challenge

Knots are a test of physical intuition and most of us are failing hard.

Scientists Call for a Global Pause on Creating “Mirror Life” Before It’s Too Late: “The threat we’re talking about is unprecedented”

Creating synthetic lifeforms is almost here, and the consequences could be devastating.

For the First Time Ever We Can See Planets Starting to Form Around a Star

JWST and ALMA peered through a natural opening in the star’s surrounding cloud to catch the action up close.

Low testosterone isn't killing your libido. Sugar is

Small increases in blood sugar can affect sperm and sex, even without diabetes

There might be an anti-aging secret hiding in magic mushrooms

Psilocybin extends cell life, and preserves aging DNA structures.

Not Just Hunters: Wooden Tools Unearth the Sophisticated, Plant-Eating World of Early Humans

What if the Stone Age wasn't really about stone?